• Error: Certificate is referenced by a CRL, OCSP responder, vserver when trying to delete a cert-key even though it is not bound to any vserver , no links , OCSP present.
• Symptoms:  The Citrix ADC may have broken the cert links and unlinked the certificate from vservers while attempting to delete the certificate, leaving them in DOWN state.

Verify certificates are not referenced by a CRL or OCSP responder prior to attempting deletion.
If certificate deletion is attempted and receives this error message immediately reboot the Citrix ADC without saving the configuration and after reboot remove certificate references by CRL or OCSP responders prior to attempting deletion.

1. Run the command

>sh run | grep -i <CertName>

2. Check if the cert is bound to any Virtual Server, Actions, or Linked to any certificate.
3. Unbind the Certificate Bindings
4. Delete the Cert on Netscaler .

Problem Cause

Known issue and is caused  by different error codes returned by different PE’s(Packet Engines).